Expedition server sizing
Anyone know server sizing requirements for this? Minimum cpu, memory and storage?
Also, what is the recommended way to install?
Anyone know server sizing requirements for this? Minimum cpu, memory and storage?
Also, what is the recommended way to install?
I started by running the command
scp export log traffic start-time equal 2018/07/30@00:00:00 end-time equal 2018/07/30@23:45:00 to expedition@172.30.200.117:/PALogs/mltest.csvon my PA220.
root@Expedition:/PALogs# ls -l
total 64296
-rw-rw-r-- 1 expe
I created an OVA for my team and put it up here (Note, this isn't the official release now offered by PANW):
https://drive.google.com/open?id=1Z9GrCF8I_BZzpbEmEh6G75npo05_4G0c
Be sure to go Settings > M. Learning > and change the Expedition ML Addr
...
Expedition uses APACHE as a web server and PHP as module for the scripts. By default PHP allow users to upload files with a maximum size of 2M, this can be updated by changing the PHP.ini
sudo vi /etc/php/7.0/apache2/php.ini go to line where this ...
Hello,
When I import a Panorama Configuration and check the FQDN objects I can see that some objects have a CIDR 16 or 26 or 24 etc..
In the GUI it shows
Example
Name www.google.de
IP Address www.goolge.de
CIDR 16
FQDN is empty
V4 1
If I obe
...
Hi folks, We planned to migrate our FW P3050 to P3220.
Are they compatible or must we do a migration?
If they are no compatible is it possible to use Expedition to achieve this?
Many Thanks.
I am running rule enrichment on different device groups part of the same panorama that has been imported into the project. After I select the rules I want and hit the analyse button I see the results on screen and I then export to Excel. After doing
...
Hi All,
Hoping to use Expedition to clean up an ASA config without migrating to Palo. Understand it's not the intended purpose but wondering if the imported ASA config can be cleaned up and extracted somehow, perhaps as a raw file?
I can see Projec
...
I've successfully setup Expedition to consume logs and provide M. Learning traffic analysis for any any rules.
I've done 6 any any rules so far and all but one look correct.
The following any any rule has a source zone of Trans100_inside and destin
...
In a new installation of Expedition upon first login we had three issues to remediate:
1. The instructions for "Verify that the SQL_Log_bin flag in MariaDB is set to off" were clear enough. So that was addressed successfully.
2. Insufficient ins
...
I cannot retrive running configuration from Expedition through Devices menu. After click "Retrieve Contents" and select "running configuration", I can see running configuration is downloading but there's running configuration as a result. Even manual
...
Hello,
I'm trying to configure M. Learning in Expedition so that we can analyze the traffic passing through specific any any rules.
We use Panorama to manage the security policy on each of the individual firewalls. Is this an issue when trying to
...
Hi community, you can follow the steps in the attached guide to apply upgrades to Expedition when your Expedition server does not have internet access.
To update the Best Practices packages run the below command:
$sudo bash /var/www/html/OS/BPA/
...
Zero experience with Checkpoint, hostile Checkpoint admin that really doesn't want to help. Admin has provided the first tranche (400 lines) of security policy, following KB on exporting R80 security policies, he doesn't want to do all of it until he
...
Hi,
Anybody knows what is the latest version of expedition available? And does it support PAN-OS version 9.x?
Hi Team, could you please tell us is there a way to perform migration from Huawei to 5250 Palo Alto. we are aware that the migration tool would not support from Huawei to Palo Alto. Is there any scripting or other automated way available
Hi,
I'm working on a migration from Checkpoint R80.20 to panOS 9.0.5.
I injected both configurations in expedition. When I merge Policies and objects with the base configuration, the operation seems successful because I have the "Done!" message.
Bu
...
Hi,
i have done with setup machine learning
it analysed 1 firewall's 1 day log and populated 2080 policies
and 13518, still i have to analyze the logs for 29 days
I am afraid how i am going to optimize my newly populated firewall rules and how i
...
Is there a way to export a policy to CSV while resolving the Object Names to IP? I know you can export policy, addresses, and addresses groups individually. I would like one worksheet that contains the policy with both object name and IP in the SRC
...